Friday, January 13, 2006

Security in 2005 and Linux

Information security in 2005 was really bad. Actually, it was the worst year on record, as anticipated. Leading the insecure perception pack is Microsoft Windows. The monthly 'patch Tuesday' has become a beacon and target for hackers. We saw the realization of zero-day exploits and Microsoft's slow response to well-known vulnerabilities.

There were a few bright spots: "Linux Security: A Good Thing Keeps Getting Better". If you happen to be using Linux, then 2005 was not a bad year and actually was somewhat predictable. If you are using Windows, then 2005 was a really bad year.

If you can anticipate, predict and adapt to vulnerabilities, then you have a better chance at defending your systems. Comparing Linux to Windows, I would have to say that Linux is the environment where anticipating threats is easier.

I am involved in securing both Windows and Linux systems at work and at home. From my viewpoint over the past year, I would have to say I was more concerned about the Windows machines than I was about my Linux machines. One of the nice things with Linux is that I don't have to continually worry about mail bomb viruses, macros and various scripts invading my network. The WMF flaw is a recent example of what is lurking inside of Windows.

The permissions model in Linux/Unix and especially in SELinux is much more robust than what Windows provides. So for the next year, I still feel that running Linux systems is a much safer way to compute than Windows. We are in January 2006 now, so all that can change with another exploit to Linux or Windows. If I were a betting person, I would place my bets on Linux being more secure. I am not a gambler, so I prefer to remain adaptable and flexible to address any potential scenario.

Maybe it's time to get a Mac in addition to my Linux and Windows machines! Now that would round out the platform scenario to include another architecture and make my computing networks highly diversified.

I guess that's the type of computing world we live in today. Change is rapid and constant. At any time, or even overnight, a security issue can manifest itself, thus requiring some type of remediation. At least this stuff is not going to bore anyone anytime soon.
